W3C home > Mailing lists > Public > public-xmlsec@w3.org > August 2011

Proposed text to add to security considerations

From: Hal Lockhart <hal.lockhart@oracle.com>
Date: Tue, 16 Aug 2011 08:53:57 -0700 (PDT)
Message-ID: <2463693c-9160-4019-bfe1-02af145e8a83@default>
To: public-xmlsec@w3.org
Here is what I had in mind.

6.7 Timing Attacks

It has been known for some time that it is feasible for an attacker to recover keys or cleartext by repeatedly sending chosen ciphertext and measuring the time required to process different requests with different types of errors. It has been demonstrated that attacks of this type are practical even when communicating over large and busy networks, especially if the receiver is willing to process large blocks of ciphertext. 

Implementers SHOULD ensure that distinct errors detected during security algorithm processing do not consume systematically different amounts of processing time from each other. Implementers SHOULD consult the technical literature for more details on specific attacks and recommended countermeasures.

Deployments SHOULD generate alerts when a large number of security algorithm processing errors are detected within a short period of time, especially in messages from the same origin.



Hal
Received on Tuesday, 16 August 2011 15:54:45 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:16 UTC